Merge branch 'support-3.7' of https://github.com/Evolveum/midpoint in…

…to support-3.7
Evolveum · Sep 21, 2018 · d5ffaaa · d5ffaaa
2 parents b144f82 + a63aed6
commit d5ffaaa
Show file tree

Hide file tree

Showing 30 changed files with 821 additions and 74 deletions.
diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/Item.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/Item.java
@@ -611,7 +611,7 @@ protected ItemDelta<V,D> fixupDelta(ItemDelta<V,D> delta, Item<V,D> other,
 	@Override
 	public void accept(Visitor visitor) {
 		visitor.visit(this);
-		for(PrismValue value: getValues()) {
+		for (PrismValue value: getValues()) {
 			value.accept(visitor);
 		}
 	}

diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismContainer.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismContainer.java
@@ -640,7 +640,7 @@ public <IV extends PrismValue,ID extends ItemDefinition,I extends Item<IV,ID>> v
     	if (cval == null) {
     		return;
     	}
-    	cval.removeItem(ItemPath.pathRestStartingWithName(path.rest()), itemType);
+    	cval.removeItem(ItemPath.pathRestStartingWithName(path), itemType);
     }
 
     // Expects that the "self" path segment is NOT included in the basePath

diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismContainerValue.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismContainerValue.java
@@ -911,7 +911,7 @@ <IV extends PrismValue,ID extends ItemDefinition,I extends Item<IV,ID>> void rem
     		Item<?,?> item = itemsIterator.next();
             if (subName.equals(item.getElementName())) {
             	if (!rest.isEmpty() && item instanceof PrismContainer) {
-            		((PrismContainer<?>)item).removeItem(propPath, itemType);
+            		((PrismContainer<?>)item).removeItem(rest, itemType);
             		return;
             	} else {
             		if (itemType.isAssignableFrom(item.getClass())) {
@@ -951,7 +951,7 @@ public void recompute(PrismContext prismContext) {
 	public void accept(Visitor visitor) {
 		super.accept(visitor);
 		if (items != null) {
-			for (Item<?,?> item : getItems()) {
+			for (Item<?,?> item : new ArrayList<>(items)) {     // to allow modifying item list via the acceptor
 				item.accept(visitor);
 			}
 		}
@@ -1766,4 +1766,27 @@ public Collection<PrismValue> getAllValues(ItemPath path) {
 		}
 		return rv;
 	}
+
+	public void removeItems(List<ItemPath> itemsToRemove) {
+		for (ItemPath itemToRemove : itemsToRemove) {
+			Item item = findItem(itemToRemove);		// reduce to "removeItem" after fixing that method implementation
+			if (item != null) {
+				removeItem(item.getPath(), Item.class);
+			}
+		}
+	}
+
+	public void removeOperationalItems() {
+		accept(visitable -> {
+			if (visitable instanceof Item) {
+				Item item = ((Item) visitable);
+				if (item.getDefinition() != null && item.getDefinition().isOperational()) {
+					PrismValue parent = item.getParent();
+					if (parent instanceof PrismContainerValue) {    // should be the case
+						((PrismContainerValue) parent).remove(item);
+					}
+				}
+			}
+		});
+	}
 }
diff --git a/infra/schema/src/test/java/com/evolveum/midpoint/schema/TestMiscellaneous.java b/infra/schema/src/test/java/com/evolveum/midpoint/schema/TestMiscellaneous.java
@@ -15,24 +15,24 @@
  */
 package com.evolveum.midpoint.schema;
 
-import com.evolveum.midpoint.prism.Containerable;
-import com.evolveum.midpoint.prism.PrismContainer;
-import com.evolveum.midpoint.prism.PrismContainerValue;
+import com.evolveum.midpoint.prism.*;
+import com.evolveum.midpoint.prism.path.ItemPath;
 import com.evolveum.midpoint.prism.util.PrismTestUtil;
 import com.evolveum.midpoint.schema.constants.MidPointConstants;
 import com.evolveum.midpoint.util.PrettyPrinter;
 import com.evolveum.midpoint.util.exception.SchemaException;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
 import org.testng.annotations.BeforeSuite;
 import org.testng.annotations.Test;
 import org.xml.sax.SAXException;
 
+import java.io.File;
 import java.io.IOException;
+import java.util.concurrent.atomic.AtomicInteger;
 
 import static com.evolveum.midpoint.prism.util.PrismTestUtil.getPrismContext;
+import static org.testng.AssertJUnit.assertEquals;
+import static org.testng.AssertJUnit.assertNull;
 import static org.testng.AssertJUnit.fail;
 
 /**
@@ -41,6 +41,9 @@
  */
 public class TestMiscellaneous {
 
+	public static final File TEST_DIR = new File("src/test/resources/misc");
+	private static final File FILE_ROLE_REMOVE_ITEMS = new File(TEST_DIR, "role-remove-items.xml");
+
 	@BeforeSuite
 	public void setup() throws SchemaException, SAXException, IOException {
 		PrettyPrinter.setDefaultNamespacePrefix(MidPointConstants.NS_MIDPOINT_PUBLIC_PREFIX);
@@ -73,4 +76,39 @@ public void singleValuedItems() throws Exception {
 		}
 	}
 
+	@Test
+	public void removeOperationalItems() throws Exception {
+		System.out.println("===[ removeOperationalItems ]===");
+		PrismObject<RoleType> role = getPrismContext().parseObject(FILE_ROLE_REMOVE_ITEMS);
+
+		AtomicInteger propertyValuesBefore = new AtomicInteger(0);
+		role.accept(o -> {
+			if (o instanceof PrismPropertyValue) {
+				propertyValuesBefore.incrementAndGet();
+				System.out.println(((PrismPropertyValue) o).getPath() + ": " + ((PrismPropertyValue) o).getValue());
+			}
+		});
+
+		System.out.println("Property values before: " + propertyValuesBefore);
+
+		role.getValue().removeOperationalItems();
+		System.out.println("After operational items removal:\n" + getPrismContext().xmlSerializer().serialize(role));
+
+		AtomicInteger propertyValuesAfter = new AtomicInteger(0);
+		role.accept(o -> {
+			if (o instanceof PrismPropertyValue) {
+				propertyValuesAfter.incrementAndGet();
+				System.out.println(((PrismPropertyValue) o).getPath() + ": " + ((PrismPropertyValue) o).getValue());
+			}
+		});
+		System.out.println("Property values after: " + propertyValuesAfter);
+
+		assertNull("metadata container present", role.findContainer(RoleType.F_METADATA));
+		assertNull("effectiveStatus present", role.findProperty(new ItemPath(RoleType.F_ACTIVATION, ActivationType.F_EFFECTIVE_STATUS)));
+		assertNull("assignment[1]/activation/effectiveStatus present",
+				role.findProperty(new ItemPath(RoleType.F_ASSIGNMENT, 1L, AssignmentType.F_ACTIVATION, ActivationType.F_EFFECTIVE_STATUS)));
+
+		assertEquals("Wrong property values after", propertyValuesBefore.intValue()-6, propertyValuesAfter.intValue());
+	}
+
 }
diff --git a/infra/schema/src/test/resources/misc/role-remove-items.xml b/infra/schema/src/test/resources/misc/role-remove-items.xml
@@ -0,0 +1,61 @@
+<!--
+  ~ Copyright (c) 2010-2018 Evolveum
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+	  xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+	  xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
+	  xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
+	  xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
+	  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	  xmlns:my="http://example.com/xml/ns/mySchema"
+	  oid="oid-1">
+	<name>name-1</name>
+	<description>description-1</description>
+	<lifecycleState>active</lifecycleState>
+	<metadata>
+		<certifierComment>hello world</certifierComment>
+	</metadata>
+	<activation>
+		<administrativeStatus>enabled</administrativeStatus>
+		<effectiveStatus>enabled</effectiveStatus>
+	</activation>
+	<assignment id="1">
+		<targetRef oid="role-approver-meta-role" relation="org:default" type="c:RoleType"/>
+		<activation>
+			<effectiveStatus>enabled</effectiveStatus>
+		</activation>
+	</assignment>
+	<assignment>
+		<targetRef oid="manager-approved-meta-role" relation="org:default" type="c:RoleType"/>
+		<activation>
+			<effectiveStatus>enabled</effectiveStatus>
+		</activation>
+	</assignment>
+	<assignment>
+		<targetRef oid="unassign-role-workflow-meta-role" relation="org:default" type="c:RoleType"/>
+		<activation>
+			<effectiveStatus>enabled</effectiveStatus>
+		</activation>
+	</assignment>
+	<assignment>
+		<targetRef oid="org-aplikacni-role" relation="org:default" type="c:OrgType"/>
+		<activation>
+			<effectiveStatus>enabled</effectiveStatus>
+		</activation>
+	</assignment>
+	<requestable>false</requestable>
+	<idempotence>conservative</idempotence>
+</role>
diff --git a/model/model-api/pom.xml b/model/model-api/pom.xml
@@ -105,6 +105,10 @@
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-ldap</artifactId>
 		</dependency>
+                <dependency>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-tx</artifactId>
+                </dependency>
 		<dependency>
 			<groupId>org.springframework</groupId>
 			<artifactId>spring-beans</artifactId>

diff --git a/...va/com/evolveum/midpoint/model/api/authentication/MidPointLdapAuthenticationProvider.java b/...va/com/evolveum/midpoint/model/api/authentication/MidPointLdapAuthenticationProvider.java
@@ -24,6 +24,7 @@
 import com.evolveum.midpoint.util.logging.TraceManager;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.IncorrectResultSizeDataAccessException;
 import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.InternalAuthenticationServiceException;
@@ -55,6 +56,9 @@ protected DirContextOperations doAuthentication(UsernamePasswordAuthenticationTo
         	// So, be smart here and try to figure out correct error.
         	throw processInternalAuthenticationException(e, e);
 
+        } catch (IncorrectResultSizeDataAccessException e) {
+            LOGGER.error("Failed to authenticate user {}. Error: {}", authentication.getName(), e.getMessage(), e);
+            throw new BadCredentialsException("LdapAuthentication.bad.user", e);
         } catch (RuntimeException e) {
             LOGGER.error("Failed to authenticate user {}. Error: {}", authentication.getName(), e.getMessage(), e);
             auditProvider.auditLoginFailure(authentication.getName(), null, ConnectionEnvironment.create(SchemaConstants.CHANNEL_GUI_USER_URI), "bad credentials");

diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelRestService.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelRestService.java
@@ -155,7 +155,6 @@ public <O extends ObjectType> Response generateValue(@PathParam("type") String t
 		} catch (Exception ex) {
 			parentResult.computeStatus();
 			response = RestServiceUtil.handleException(parentResult, ex);
-
 		}
 
 		finishRequest(task);
@@ -937,8 +936,8 @@ public Response executeScript(@Convertor(ExecuteScriptConvertor.class) ExecuteSc
 				response = RestServiceUtil.createResponse(Response.Status.OK, responseData, result);
 			}
 		} catch (Exception ex) {
-			response = RestServiceUtil.handleException(result, ex);
 			LoggingUtils.logUnexpectedException(LOGGER, "Couldn't execute script.", ex);
+			response = RestServiceUtil.handleExceptionNoLog(result, ex);
 		}
 		result.computeStatus();
 		finishRequest(task);
@@ -1029,7 +1028,7 @@ public Response getLog(@QueryParam("fromPosition") Long fromPosition, @QueryPara
 
 		} catch (Exception ex) {
 			LoggingUtils.logUnexpectedException(LOGGER, "Cannot get log file content: fromPosition={}, maxSize={}", ex, fromPosition, maxSize);
-			response = RestServiceUtil.handleException(result, ex);
+			response = RestServiceUtil.handleExceptionNoLog(result, ex);
 		}
 
 		result.computeStatus();

diff --git a/...model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java b/...model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java
@@ -1662,6 +1662,18 @@ public <T extends ObjectType> CompareResultType compareObject(PrismObject<T> pro
 		return rv;
 	}
 
+	private <T extends ObjectType> void removeIgnoredItems(PrismObject<T> object, List<ItemPath> ignoreItems) {
+		if (object != null) {
+			object.getValue().removeItems(ignoreItems);
+		}
+	}
+
+	private <T extends ObjectType> void removeOperationalItems(PrismObject<T> object) {
+		if (object != null) {
+			object.getValue().removeOperationalItems();
+		}
+	}
+
 	private <T extends ObjectType> PrismObject<T> fetchCurrentObject(Class<T> type, String oid, PolyString name,
 			Collection<SelectorOptions<GetOperationOptions>> readOptions, Task task,
 			OperationResult result)
@@ -1701,37 +1713,6 @@ private <T extends ObjectType> PrismObject<T> fetchCurrentObject(Class<T> type,
 		}
 	}
 
-	private <T extends ObjectType> void removeIgnoredItems(PrismObject<T> object, List<ItemPath> ignoreItems) {
-		if (object == null) {
-			return;
-		}
-		for (ItemPath path : ignoreItems) {
-			Item item = object.findItem(path);		// reduce to "removeItem" after fixing that method implementation
-			if (item != null) {
-				object.removeItem(item.getPath(), Item.class);
-			}
-		}
-	}
-
-	// TODO write in cleaner way
-	private <T extends ObjectType> void removeOperationalItems(PrismObject<T> object) {
-		if (object == null) {
-			return;
-		}
-		final List<ItemPath> operationalItems = new ArrayList<>();
-		object.accept(visitable -> {
-			if (visitable instanceof Item) {
-				Item item = ((Item) visitable);
-				if (item.getDefinition() != null && item.getDefinition().isOperational()) {
-					operationalItems.add(item.getPath());
-					// it would be nice if we could stop visiting children here but that's not possible now
-				}
-			}
-		});
-		LOGGER.trace("Operational items: {}", operationalItems);
-		removeIgnoredItems(object, operationalItems);
-	}
-
 	private Collection<SelectorOptions<GetOperationOptions>> preProcessOptionsSecurity(Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult result)
 			throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException {
 		GetOperationOptions rootOptions = SelectorOptions.findRootOptions(options);

diff --git a/...model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java b/...model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java
@@ -481,6 +481,7 @@ public ShadowType getLinkedShadow(FocusType focus, String resourceOid, boolean r
 				// It is safe to ignore this error in this method.
 				LOGGER.trace("Ignoring shadow " + linkRef.getOid() + " linked in " + focus
 						+ " because it no longer exists in repository");
+				getCurrentResult().muteLastSubresultError();
 				continue;
 			}
 			if (shadowType.getResourceRef().getOid().equals(resourceOid)) {
@@ -493,6 +494,7 @@ public ShadowType getLinkedShadow(FocusType focus, String resourceOid, boolean r
 						// It is safe to ignore this error in this method.
 						LOGGER.trace("Ignoring shadow " + linkRef.getOid() + " linked in " + focus
 								+ " because it no longer exists on resource");
+						getCurrentResult().muteLastSubresultError();
 						continue;
 					}
 				}

diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/integrity/ContextMapKey.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/integrity/ContextMapKey.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 2010-2018 Evolveum
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.evolveum.midpoint.model.impl.integrity;
+
+import javax.xml.namespace.QName;
+import java.io.Serializable;
+import java.util.Objects;
+
+/**
+ * @author mederly
+ */
+
+class ContextMapKey implements Serializable {
+
+    final String resourceOid;
+    final QName objectClassName;
+
+	ContextMapKey(String resourceOid, QName objectClassName) {
+        this.resourceOid = resourceOid;
+        this.objectClassName = objectClassName;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o)
+            return true;
+        if (!(o instanceof ContextMapKey))
+            return false;
+        ContextMapKey that = (ContextMapKey) o;
+        return Objects.equals(resourceOid, that.resourceOid) &&
+                Objects.equals(objectClassName, that.objectClassName);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(resourceOid, objectClassName);
+    }
+
+	@Override
+	public String toString() {
+		return "ContextMapKey{" +
+				"resourceOid='" + resourceOid + '\'' +
+				", objectClassName=" + objectClassName +
+				'}';
+	}
+}